I need some recommendations buying a laptop solely for security activities such as pentest, owasp testing, malware analysis, forensics and incident response. I do understand there is a need to run multiple VM's, memory intensive tools, etc. Please let me know your thoughts.

3xban wrote:Macbook Pro i7 w/ 8GB of RAM I am up to 3 VMs running at once as well as host based activity (web browsing and such). Though a Dell Alienware should work out the same.

Similar to what I would suggest, something where you can max the F out on RAM and get BackTrack VM, and 3-4 VMs running at once. I'd say to shop for deals on HP or Dell and find the best deal that has the most RAM.

Without specifically recommending one over another, I would strongly encourage you to get one with a 256gb ssd and a larger internal drive so you can keep host based stuff and VM based stuff on separated. I find drive contention is the biggest issue on my laptop when running multiple VMs. I know Dell is offering this configuration on the precision line, but really have not kept up on hardware in the last year or two.

I would recommend to buy a lighter laptop (an used Lenovo or Dell with an Intel i5 will be perfect), with a big screen. Also buy one or two used servers that will host your targets. It will cost less and you will benefit more (you can even reuse the hardware later).

I recommend you a second monitor. I am using a desktop with dual monitors. Sometimes I use my laptop connected to a 24” 1920x1200 monitor. It is very good for the eyes, and you have a lot of workspace. I read somewhere that working on only a monitor is like eating on the table from the aeroplane, and I agree with this.

If you still want to go w only a laptop, a SSD is a must. You can have a Dell XPS, 17" 1080p, SSD, 8GB RAM for about 1500$.

blueaxis wrote:Thanks all for your inputs. Looks like the ballpark figure is around $1200 - $1500.

I'm no professional, but I have $400 ThinkPad X120e that runs like a champ. I got the model with the dual core processor. Upgraded the RAM and put in an SSD, it works just fine for everything I want it to do. I can run virtual machines, LiveCD's, etc., without any problem. I imagine I'd want something more powerful if pentesting was my fulltime job, but it should be fine for a hobbyist or just wanting to learn some new skills.

Last edited by eth3real on Fri Dec 02, 2011 3:48 pm, edited 1 time in total.

I have two laptops I use. One is a Toshiba laptop / tablet, more for demonstrations and presenting, but still has 8 GB and is small, for mobility. Then there's my beast of an ASUS, with 12 GB, quad core i7. It's 17", so it's large, but lets me do pretty much anything I need, and I regularly have upwards of 6 VM's running on it, at any given time, for labs and simulations. The Toshiba was $1100 a couple of years ago, and the ASUS was $1500, a couple of months ago, from Frye's, in Houston, while on a business trip.

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

In essence get as much memory and CPU as you can afford as this will give you the flexibility required to run multiple VM's. Multiple disks are a real necessity if you do not want performance issues. I run my VM's from a USB drive and find the performance satisfactory so try that if you cannot get something with multiple drives.

I would not buy cheap to upgrade later as that is a waste of resources. Get the best you can for your budget as you can always use it for something else down the line or sell it to another enthusiast if you decide not to pursuit this.